[njs] Issues found by Coverity Scan in String.match() have been ...

Igor Sysoev igor at sysoev.ru
Thu Mar 24 15:17:03 UTC 2016 

details:   http://hg.nginx.org/njs/rev/425cf63a7283
branches:  
changeset: 89:425cf63a7283
user:      Igor Sysoev <igor at sysoev.ru>
date:      Thu Mar 24 13:57:06 2016 +0300
description:
Issues found by Coverity Scan in String.match() have been fixed.

diffstat:

 njs/njs_string.c         |  28 ++++++++++++++++------------
 njs/test/njs_unit_test.c |   8 ++++++++
 2 files changed, 24 insertions(+), 12 deletions(-)

diffs (97 lines):

diff -r 6e70fe1e0a47 -r 425cf63a7283 njs/njs_string.c
--- a/njs/njs_string.c	Wed Mar 23 15:49:49 2016 +0300
+++ b/njs/njs_string.c	Thu Mar 24 13:57:06 2016 +0300
@@ -1351,14 +1351,17 @@ njs_string_prototype_match(njs_vm_t *vm,
 
     (void) njs_string_prop(&string, &args[0]);
 
+    /* Byte string. */
     utf8 = 0;
     n = 0;
 
     if (string.length != 0) {
+        /* ASCII string. */
         utf8 = 1;
         n = 1;
 
         if (string.length != string.size) {
+            /* UTF-8 string. */
             utf8 = 2;
         }
     }
@@ -1366,16 +1369,6 @@ njs_string_prototype_match(njs_vm_t *vm,
     if (pattern->code[n] != NULL) {
         array = NULL;
 
-        if (n != 0) {
-            utf8 = 2;
-
-        } else if (string.length != 0) {
-            utf8 = 1;
-
-        } else {
-            utf8 = 1;
-        }
-
         do {
             ret = pcre_exec(pattern->code[n], pattern->extra[n],
                             (char *) string.start, string.size,
@@ -1412,11 +1405,17 @@ njs_string_prototype_match(njs_vm_t *vm,
                 case 0:
                     length = 0;
                     break;
+
                 case 1:
                     length = size;
                     break;
+
                 default:
                     length = nxt_utf8_length(start, size);
+                    if (nxt_slow_path(length < 0)) {
+                        goto error;
+                    }
+
                     break;
                 }
 
@@ -1432,8 +1431,7 @@ njs_string_prototype_match(njs_vm_t *vm,
                 break;
 
             } else {
-                vm->exception = &njs_exception_internal_error;
-                return NXT_ERROR;
+                goto error;
             }
 
         } while (string.size > 0);
@@ -1445,6 +1443,12 @@ njs_string_prototype_match(njs_vm_t *vm,
 
     return NXT_OK;
 
+error:
+
+    vm->exception = &njs_exception_internal_error;
+
+    return NXT_ERROR;
+
 empty:
 
     array = njs_array_alloc(vm, 1, 0);
diff -r 6e70fe1e0a47 -r 425cf63a7283 njs/test/njs_unit_test.c
--- a/njs/test/njs_unit_test.c	Wed Mar 23 15:49:49 2016 +0300
+++ b/njs/test/njs_unit_test.c	Thu Mar 24 13:57:06 2016 +0300
@@ -2823,6 +2823,14 @@ static njs_unit_test_t  njs_test[] =
     { nxt_string("'abc ABC aBc'.match(/abc/ig)"),
       nxt_string("abc,ABC,aBc") },
 
+    { nxt_string("var a = 'α'.match(/α/g)[0] + 'α';"
+                 "a +' '+ a.length"),
+      nxt_string("αα 2") },
+
+    { nxt_string("var a = '\\u00CE\\u00B1'.toBytes().match(/α/g)[0] + 'α';"
+                 "a +' '+ a.length"),
+      nxt_string("αα 4") },
+
     /* Functions. */
 
     { nxt_string("function f() { } f()"),

More information about the nginx-devel mailing list